awesome-repositories.com
博客
awesome-repositories.com

通过 AI 驱动的搜索,发现最优秀的开源仓库。

探索精选搜索开源替代品自托管软件博客网站地图
项目关于排名机制媒体报道MCP 服务器
法律隐私政策服务条款
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

27 个仓库

Awesome GitHub RepositoriesHTTP Security Headers

Configuration guides for security-focused response headers.

Distinguishing note: Focuses on browser-enforced security via HTTP headers.

Explore 27 awesome GitHub repositories matching security & cryptography · HTTP Security Headers. Refine with filters or upvote what's useful.

Awesome HTTP Security Headers GitHub Repositories

用 AI 发现最棒的仓库。我们将通过 AI 为您搜索最匹配的仓库。
  • owasp/cheatsheetseriesOWASP 的头像

    OWASP/CheatSheetSeries

    32,298在 GitHub 上查看↗

    The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral

    Configures security-focused response headers to enforce protective browser policies.

    Pythonapplication-securityappsecbest-practices
    在 GitHub 上查看↗32,298
  • http-party/http-serverH

    http-party/http-server

    14,191在 GitHub 上查看↗

    This project is a lightweight Node.js web server and command-line tool designed for hosting static assets and delivering local files over HTTP. It functions as a static site host that provides a minimal environment for serving HTML, CSS, and JavaScript files to web browsers. The server includes built-in support for TLS encryption to enable secure HTTPS access and allows for the configuration of cross-origin resource sharing headers. It also features basic authentication to restrict folder access via username and password verification. The system manages content delivery through browser cache

    Injects standard HTTP caching headers into responses based on user-defined expiration settings.

    JavaScript
    在 GitHub 上查看↗14,191
  • phanan/htaccessphanan 的头像

    phanan/htaccess

    13,165在 GitHub 上查看↗

    This project is a comprehensive library of reusable configuration patterns for the Apache web server. It provides a collection of server-side directives designed to manage security, performance, and request routing through decentralized configuration files. The repository serves as a reference for implementing server-level settings without requiring global restarts. It includes specialized patterns for enforcing secure connections, managing cross-origin resource sharing, and protecting sensitive system files from public exposure. Users can leverage these snippets to implement clickjacking pro

    Serves as a reference for implementing security headers to mitigate common web vulnerabilities.

    apacheawesomeawesome-list
    在 GitHub 上查看↗13,165
  • helmetjs/helmethelmetjs 的头像

    helmetjs/helmet

    10,692在 GitHub 上查看↗

    Helmet is an Express.js middleware library that sets a comprehensive collection of HTTP security headers to protect web applications from common vulnerabilities like cross-site scripting and clickjacking. At its core, it provides a configurable middleware system for injecting security headers into HTTP responses, with a primary focus on Content Security Policy configuration through custom directives and report-only testing modes. The library distinguishes itself through a flexible configuration surface that supports method chaining for composing multiple headers in a single expression, as wel

    Sets a comprehensive set of HTTP response headers to harden web application security.

    TypeScripthelmethttp-headersjavascript
    在 GitHub 上查看↗10,692
  • bunkerity/bunkerized-nginxbunkerity 的头像

    bunkerity/bunkerized-nginx

    10,629在 GitHub 上查看↗

    Bunkerized Nginx is a containerized security automation system that provides a secure reverse proxy and web application firewall. It focuses on protecting web applications by monitoring container labels within cloud-native orchestration systems to automatically update security settings and firewall rules. The system distinguishes itself through automated security operations, including the automatic management of SSL certificates and an automated client banning mechanism that blocks IP addresses based on HTTP status codes. It features bot challenge mechanisms using CAPTCHAs, JavaScript, or coo

    Implements security-focused HTTP response headers and tightens TLS settings to reduce the attack surface.

    Python
    在 GitHub 上查看↗10,629
  • whatwg/htmlwhatwg 的头像

    whatwg/html

    9,163在 GitHub 上查看↗

    This repository contains the HTML specification, which defines the core standards for web page structuring, content organization, and document rendering. It establishes the fundamental algorithms for state-machine-based tokenization, tree construction for the document object model, and origin-based security isolation. The specification provides a framework for defining custom elements with independent lifecycles and registries. It also details the requirements for cross-document communication, session history management, and the synchronization of interface properties with content attributes.

    Uses HTTP response headers to enforce cross-origin policies and embedding restrictions.

    HTMLcanvaseventsourcehtml
    在 GitHub 上查看↗9,163
  • pyeve/evepyeve 的头像

    pyeve/eve

    6,738在 GitHub 上查看↗

    Eve is a REST API framework that maps database collections to web resources through declarative configuration files. It functions as a database-to-API mapper, automatically exposing data as RESTful endpoints with built-in support for CRUD operations and schema-based request validation. The project distinguishes itself through a HATEOAS API engine that generates hypermedia links and resource schemas for dynamic client discovery. It also includes an automated Swagger documentation generator that produces interactive specifications for client SDK generation and testing. The framework provides a

    Sets global and resource-specific HTTP cache control headers and expiration times to manage response revalidation.

    Python
    在 GitHub 上查看↗6,738
  • venomous/cloudscraperVeNoMouS 的头像

    VeNoMouS/cloudscraper

    6,603在 GitHub 上查看↗

    cloudscraper is a Python library designed to bypass Cloudflare anti-bot protections by resolving JavaScript challenges and mimicking browser fingerprints. It functions as a specialized tool for accessing websites that employ automated security systems to block scripts and headless browsers. The project differentiates itself through the use of interchangeable JavaScript runtimes, such as Node.js or V8, to execute challenge code and obtain security clearance tokens. It employs a fingerprint rotation engine and HTTP request emulation to rotate browser headers and device identifiers, mimicking hu

    Manipulates HTTP Host headers to control how the client identifies itself during network handshakes.

    Pythonanti-bot-pagecloudflarecloudflare-bypass
    在 GitHub 上查看↗6,603
  • gtsteffaniak/filebrowsergtsteffaniak 的头像

    gtsteffaniak/filebrowser

    6,330在 GitHub 上查看↗

    FileBrowser is an open-source, self-hosted file management interface that runs as a single binary with no external dependencies. It provides a web-based interface for browsing, uploading, editing, and sharing files on a remote server, with a core architecture built on JWT-based stateless authentication and a rule-based path permission engine that controls access at the directory level. The project distinguishes itself through a comprehensive access control system that supports multi-provider authentication including OIDC, LDAP, external JWT, and two-factor authentication, alongside granular p

    Read the JWT token from a configurable HTTP header instead of a query parameter for more secure authentication.

    Go
    在 GitHub 上查看↗6,330
  • dragonflyoss/dragonfly-archiveddragonflyoss 的头像

    dragonflyoss/dragonfly-archived

    5,937在 GitHub 上查看↗

    Dragonfly is a peer-to-peer file distribution system designed to accelerate large-scale file and container image delivery across clusters. It splits files into small pieces that peers exchange independently, enabling parallel downloads from multiple sources while a central scheduler assigns parent peers based on real-time load metrics. The system integrates with existing tools through an HTTP proxy interface and uses gRPC for internal communication between peers and the scheduler. The system distinguishes itself through automatic integrity verification at the piece level, ensuring every downl

    Accepts standard HTTP header fields to pass authentication credentials when fetching files from the source.

    Gocloud-nativecncfdocker-image
    在 GitHub 上查看↗5,937
  • tinyproxy/tinyproxytinyproxy 的头像

    tinyproxy/tinyproxy

    5,886在 GitHub 上查看↗

    Tinyproxy 是一个专为 POSIX 操作系统设计的轻量级 HTTP 和 HTTPS 代理守护进程。它作为一个系统级网络代理,以最小的资源开销管理 Web 流量。 该项目支持多种路由模式,包括用于将请求转发到后端服务器的反向代理,以及用于在无需客户端配置的情况下拦截网络流量的透明代理。它还包括一个头过滤器,用于修改或阻止特定的 HTTP 头以保护隐私和安全。 该软件结合了基于客户端子网的网络访问控制和协议过滤。为了系统安全,它实现了权限降级,在绑定到端口后以非特权用户身份运行。其他功能包括用于管理服务器和客户端之间速度差异的响应缓冲,以及用于监控代理统计信息的远程接口。

    Provides capabilities to add, remove, or modify HTTP request and response headers for privacy and security.

    C
    在 GitHub 上查看↗5,886
  • microsoft/typespecmicrosoft 的头像

    microsoft/typespec

    5,781在 GitHub 上查看↗

    TypeSpec is a language for defining cloud API shapes and generating OpenAPI, JSON Schema, and client/server code from a single source of truth. It functions as a protocol-agnostic API designer that models REST, gRPC, and other API protocols using a unified, extensible syntax, with a decorator-based metadata system for attaching metadata, validation rules, and lifecycle visibility to API models and operations. The compiler produces OpenAPI 3.0 specifications and other artifacts, and the tool supports declaring API versions and tracking changes to models, properties, and operations across releas

    Provides a decorator-based system for configuring HTTP header parameter options in API definitions.

    Javajson-schemaopenapi3protobuf
    在 GitHub 上查看↗5,781
  • springside/springside4springside 的头像

    springside/springside4

    5,652在 GitHub 上查看↗

    SpringSide 4 is an enterprise Java reference architecture and utility library built on the Spring Framework. It provides a pragmatic, best-practice application stack for building RESTful web services, web applications, and data access layers, along with a curated collection of high-performance utility classes for common operations like text, date, collection, reflection, concurrency, and I/O handling. The project distinguishes itself by combining a complete reference application scaffold with production-oriented infrastructure. It includes a JPA-based data access layer that automatically tran

    Provides a utility for attaching authentication tokens to HTTP requests via a fluent client.

    Java
    在 GitHub 上查看↗5,652
  • partykit/partykitpartykit 的头像

    partykit/partykit

    5,644在 GitHub 上查看↗

    PartyKit is a serverless WebSocket backend platform for building real-time multiplayer applications. It provides a globally distributed edge computing runtime that runs stateful server code close to users, with automatic scaling and hibernation for idle rooms. The platform handles WebSocket connections, HTTP requests, and durable storage without requiring infrastructure management, and includes a client and server SDK with hooks, storage, and Yjs integration for building collaborative features. The platform distinguishes itself through per-room isolation using Durable Objects, where each uniq

    Verifies user identity on incoming HTTP requests by checking a session token in an Authorization header.

    TypeScriptbackendscollaborationcrdts
    在 GitHub 上查看↗5,644
  • adamchainz/django-cors-headersadamchainz 的头像

    adamchainz/django-cors-headers

    5,587在 GitHub 上查看↗

    django-cors-headers 是一个 Django 中间件,用于管理跨域资源共享(CORS)标头,以控制哪些外部域可以访问服务器资源。它作为一个安全组件,通过来源验证和标头管理来强制执行访问控制策略。 该项目提供了使用主机名或正则表达式进行来源白名单的功能,并支持本地网络访问规范以允许来自私有网络的请求。它允许通过基于路径的限制和由信号系统驱动的动态来源验证进行细粒度控制。 该软件涵盖了更广泛的安全和性能领域,包括凭据管理、请求过滤和响应标头暴露控制。它还通过将来源添加到 Vary 标头来管理缓存协调,以防止不同跨域请求之间的内容冲突。

    Prevents cache collisions between different cross-origin requests by adding the Origin header to the Vary response.

    Python
    在 GitHub 上查看↗5,587
  • manojvivek/medium-unlimitedmanojVivek 的头像

    manojVivek/medium-unlimited

    5,468在 GitHub 上查看↗

    Medium Unlimited 是一个浏览器扩展和 Web 内容解锁器,旨在移除发布平台上的会员限制和订阅限制。它作为一个基于浏览器的文章解锁器,允许阅读跨多个域名的付费内容。 该工具利用搜索引擎集成来识别文章的存档或镜像版本,并自动重定向到全文链接。它将这些重定向与在原始文章被锁定时定位外部发布者内容的能力相结合。 该项目通过文档对象模型(DOM)操作隐藏会员覆盖层,并通过修改请求头来模拟搜索引擎爬虫,从而实现内容访问。它采用基于模式的域名和 URL 匹配来触发这些绕过工作流。

    Modifies HTTP request headers to mimic search engine crawlers and bypass server-side restrictions.

    JavaScriptchrome-extensionfirefox-addonjavascript
    在 GitHub 上查看↗5,468
  • lorenzodifuccia/safaribookslorenzodifuccia 的头像

    lorenzodifuccia/safaribooks

    5,091在 GitHub 上查看↗

    本项目是一个数字图书馆导出器和 EPUB 内容生成器,专门用于从 O'Reilly Learning 平台下载书籍并将其转换为电子出版物文件,以供离线阅读和永久存储。它作为一个 Web 内容抓取工具,检索受限的文本和媒体,以促进数字图书馆归档。 该工具使用凭据或 Cookie 管理会话身份验证,以保持对内容的持续访问。它通过唯一标识符检索书籍,并将源材料转换为标准化的 EPUB 文件,包括布局优化,以确保表格和元素在各种电子阅读设备上的兼容性。

    Attaches authentication tokens to outgoing HTTP headers to ensure requests are authorized by the target platform.

    Pythoncalibreepuboreilly
    在 GitHub 上查看↗5,091
  • yiisoft/yiiyiisoft 的头像

    yiisoft/yii

    4,825在 GitHub 上查看↗

    Yii 是一个全栈 PHP Web 框架和基于组件的系统,专为构建动态网站和 RESTful 服务而设计。它作为 MVC 应用程序框架运行,将业务逻辑与用户界面分离,并包含一个用于与数据库交互的内置对象关系映射器。 该项目提供了一套全面的命令行工具集,用于项目引导、自动化代码生成和后台任务执行。它利用基于组件的架构和服务定位器来管理依赖注入和对象生命周期。 该框架涵盖了广泛的功能领域,包括模式迁移和版本控制、基于角色的身份管理以及内容本地化。它还具有多种缓存策略,例如片段缓存、查询缓存和全页缓存,并支持基于依赖的失效。其他系统工具包括软件测试框架、事件日志记录和请求速率限制。

    Manages browser caching behavior via standard HTTP headers to reduce redundant server rendering.

    PHPhacktoberfestphpphp-framework
    在 GitHub 上查看↗4,825
  • jazzband/djangorestframework-simplejwtjazzband 的头像

    jazzband/djangorestframework-simplejwt

    4,321在 GitHub 上查看↗

    这是一个用于 Django REST Framework 的 JSON Web Token (JWT) 身份验证包,用于管理无状态用户身份。它作为一个身份验证提供程序和令牌管理器,用于签发和验证签名令牌,以在多个请求中维护用户会话。 该项目实现了双令牌生命周期,签发短期的访问令牌和长期的刷新令牌,以平衡安全性和会话持久性。它具有令牌轮换功能以防止重放攻击,以及用于使受损凭据失效的黑名单系统。此外,它支持滑动窗口过期以自动延长活动会话,并允许自定义身份声明,将用户元数据直接嵌入到令牌负载中。 该系统提供了使用对称和非对称算法进行令牌签名的全面功能,以及无需数据库查询即可验证身份的加密验证。它还包括对 OpenAPI 安全方案的集成,以记录基于令牌的身份验证要求,以及用于清理过期令牌的数据库工具。

    Configures the HTTP headers used to transmit authentication tokens in API requests.

    Python
    在 GitHub 上查看↗4,321
  • adguardteam/adguardfiltersAdguardTeam 的头像

    AdguardTeam/AdguardFilters

    4,142在 GitHub 上查看↗

    AdguardFilters is a collection of curated adblock filter lists, content blocking rulesets, and DNS blocklists. Its primary purpose is to provide the rules necessary to identify and remove advertisements, tracking scripts, and intrusive elements across web browsers and applications. The project includes specialized rules for cosmetic filtering to hide layout gaps and a malware domain database to block phishing and spyware destinations. It provides distinct filtering sets for different regions and purposes, such as social media blocking. The repository covers broad capability areas including m

    Allows for the removal of specific headers and modification of Referrer and Content Security Policies.

    Adblock Filter Listadblockadguardfilter-list
    在 GitHub 上查看↗4,142
上一个12下一个
  1. Home
  2. Security & Cryptography
  3. HTTP Security Headers

探索子标签

  • Cache Control Headers1 个子标签Configuration of HTTP headers specifically for managing browser and proxy caching behavior. **Distinct from HTTP Security Headers:** Focuses on performance-related cache-control headers rather than security-focused headers
  • Header ManipulatorsTools for adding, removing, or modifying HTTP request and response headers. **Distinct from HTTP Security Headers:** Focuses on the active manipulation and removal of headers, not just the configuration of security headers.
  • JWT Header Configurations1 个子标签Configuration options for reading authentication tokens from custom HTTP headers rather than query parameters or cookies. **Distinct from HTTP Security Headers:** Distinct from HTTP Security Headers: focuses on JWT token transport via custom headers, not browser-enforced security policies.
  • Passive Security AuditingNon-intrusive security checks that analyze headers and files without sending malicious payloads. **Distinct from HTTP Security Headers:** Describes the non-intrusive auditing method rather than just the configuration of headers.
  • Source Request Authentications1 个子标签Accepts standard HTTP header fields to pass authentication credentials when fetching files from a source. **Distinct from HTTP Security Headers:** Distinct from HTTP Security Headers: focuses on passing credentials via request headers for source authentication, not browser-enforced security response headers.